CVE-2026-7919

An use after free flaw was found in the Aura component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=498832921...

CVE-2026-7920

An use after free flaw was found in the Skia component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=498989348...

CVE-2026-7915

An insufficient data validation flaw was found in the DevTools component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=498454478...

CVE-2026-7914

A type confusion flaw was found in the Accessibility component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=498401609...

CVE-2026-7910

An use after free flaw was found in the Views component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=497543810...

CVE-2026-7911

An use after free flaw was found in the Aura component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=497548912...

CVE-2026-7908

An use after free flaw was found in the Fullscreen component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=497436531...

CVE-2026-7901

An use after free flaw was found in the ANGLE component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=497724490...

CVE-2026-7905

An insufficient validation of untrusted input flaw was found in the Media component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=495259842...

CVE-2026-7899

An out of bounds read and write flaw was found in the V8 component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=505481948...

CVE-2026-7904

An out of bounds read flaw was found in the Fonts component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=492350406...

CVE-2026-7900

A heap buffer overflow flaw was found in the ANGLE component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=496503799...

CVE-2026-7903

An integer overflow flaw was found in the ANGLE component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=491760376...

GHSA-R42M-953Q-6VJX Snipe-IT has Stored XSS via Component Checkout Notes (v8.4.0)

Impact Users with component view access could be impacted by an unescaped notes column. Patches This was patched in https://github.com/grokability/snipe-it/commit/28f493d84d057895fbb93b6570e7393a2c2fa438, and is fixed in v8.4.1 or greater. Workarounds None...

Snipe-IT has Stored XSS via Component Checkout Notes (v8.4.0)

Impact Users with component view access could be impacted by an unescaped notes column. Patches This was patched in https://github.com/grokability/snipe-it/commit/28f493d84d057895fbb93b6570e7393a2c2fa438, and is fixed in v8.4.1 or greater. Workarounds None...

Cross-site Scripting (XSS)

Overview snipe/snipe-it is an asset management system built on Laravel. Affected versions of this package are vulnerable to Cross-site Scripting XSS in the notes field of the component checkout process. An attacker can execute arbitrary JavaScript code in the context of another user by submitting...

CVE-2026-43394

A flaw was found in the Linux kernel's nfsd component. The nfsdnllistenersetdoit function fails to properly release credential references, resulting in a resource leak. This issue could allow a local attacker to exhaust system resources, potentially leading to a Denial of Service DoS...

CVE-2026-7896

An integer overflow flaw was found in the Blink component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=493747582...

CVE-2026-7898

An use after free flaw was found in the Chromoting component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=504587882...

CVE-2026-43317

A flaw was found in the Linux kernel, specifically within the 'most: core' component. This vulnerability involves a resource leak that occurs during early registration failures. When an early registration fails, the resources associated with the interface are not properly released. This can lead ...